5 <meta name=viewport
content=
"width=device-width, initial-scale=1">
6 <link rel=
"stylesheet" href=
"/css/main.css" type=
"text/css">
7 <title>Privacy Policy ~ Yukkuri Games
</title>
12 <img src=
"/logotype_horizontal_1.png" class=logo
alt=
"(◕ ヮ ◕)">
13 <img src=
"/logotype_horizontal_2.png" class=optional
16 <h1>Privacy Policy
</h1>
21 Rather than a policy about how we're going to protect the data
22 we gather about you, we've got a simpler plan: We'll try as
23 hard as we can to
<em>not
</em> gather data about you.
24 We'd also like to help you defuse and poison other tracking
29 We log HTTP requests in order to help maintain our site - fix
30 broken links, block spammers, and so on. These logs look like
32 <pre>78.55.123.218 - - [
03/Sep/
2014:
13:
45:
06 +
0000]
"GET /heroik/heroik.html HTTP/1.1" 200 1616 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:32.0) Gecko/20100101 Firefox/32.0"</pre>
34 They contain your IP, the URL you visited, when you visited
35 it, what browser you were using, and (sometimes) where you
36 came from. Your browser sends this to every site you visit. If
37 you think it's too much information, most browsers have some
38 way to send less - for example, in Firefox you can
39 set
<code>network.http.sendRefererHeader
</code> to
40 <code>false
</code> and install
<a href=
"https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/">User Agent Switcher
</a>.
44 We host our own email service. Email sent to yukkurigames.com
45 <a href=
"http://mako.cc/copyrighteous/google-has-most-of-my-email-because-it-has-all-of-yours">does not go through GMail on our end
</a>.
48 <h3>Cookie Policy
</h3>
50 We don't use cookies or anything like cookies to track you.
53 We use cookies to prevent request forgery. These don't contain
54 any identifying information. These
<a href=
"https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet#Double_Submit_Cookies">double-submit cookies
</a>,
55 are random cookies that reset each time you visit the page.
56 This prevents another site from tricking you into submitting
57 data to our site, because they can't read the random value in
61 For long-term data storage we use HTML5
62 <a href=
"http://diveintohtml5.info/storage.html">localStorage
</a>
63 and other similar
<em>client-side storage
</em>. This gives you
64 the benefits of cookies, but your data is never sent to the
65 server, so there's nothing to secure.
69 We don't track any personal data via this site, so we have no
70 special databases to secure.
73 Our primary site, which you are reading now, is served
74 exclusively via HTTPS. We would like to offer HTTPS for all
75 our subdomains, but the CA racket means we can't afford it. In
76 the future we hope CAs are replaced by something like
77 <a href=
"http://convergence.io/">Convergence
</a> so cheap
78 security is available for everyone, but right now it doesn't
81 <h2>Third-Party Links
</h2>
83 Because this is the web, we link to other sites. Some of our
84 games are only available from other sites, because trading
85 money for games requires handling at least a little personal
86 data. We'd rather that be done by people good at doing it.
89 Most of these sites don't care about your privacy. Sometimes
90 at least they'll be providing you a useful service in exchange
91 for surveilling you, but usually they're willing to sell you
92 out to a dozen firms via Google in exchange for a pretty bar
96 We think it's awful, too. Sorry.
99 To protect yourself on these sites, we recommend you use tools
100 to help you browse the web safely and securely. One easy and
102 <a href=
"https://disconnect.me/">Disconnect
</a>.
103 <a href=
"https://prism-break.org/">PRISM Break has more suggestions
</a>,
104 though it's unfortunately-named because this problem
<a href=
"http://www.hiddendriver.com/projects/the-peoples-platform">neither
105 begins nor ends with the PRISM program or state surveillance
</a>.
108 Other Stuff We Don't Do That You Should Push Other Sites To
113 We don't run Google Analytics or Cloudfront Analytics or
114 Cloudflare Clicky or any of that garbage. Even if a site
115 needs to collect data for its own operation, these services
116 also feed that data into even larger and more troubling
120 We don't use Google's fonts; we host them ourselves.
<a href=
"http://blog.milandinic.com/wordpress/plugins/disable-google-fonts/">Most
121 Wordpress sites are helping Google track their readers and
122 they don't even know it.
</a> At
123 the very least, demand a cut of Google's revenue if you're
124 going to work for them.
127 We don't put stock
"share" buttons on our site. Aside from
128 being useless eyesores
<a href=
"https://www.eff.org/press/releases/stop-sneaky-online-tracking-effs-privacy-badger">these
129 buttons are used by social media companies to track you on
130 other sites
</a>. Tools like
<a href=
"https://www.eff.org/privacybadger">EFF's Privacy Badger
</a> and
<a href=
"https://disconnect.me/">Disconnect
</a> can
131 help block these on other sites.
134 We don't minify or obfuscate most files
— HTML, CSS,
135 or JavaScript
— we serve. This means it's easy for you
136 to check what we're doing with just your browser.
141 We may update this Privacy Policy from time to time. Since
142 this document is
<a href=
"http://git.yukkurigames.com/?p=yukkurigames.com.git;a=history;f=privacy.html">stored in our site's Git repository
</a>, you can easily track these changes.
projects / yukkurigames.com.git / blob